April 12, 2012 By Dancho Danchev

Microsoft issues 6 security bulletins on ‘Patch Tuesday’

On Tuesday, Microsoft issued 6 security bulletins, 4 of them critical, and 2 important updates. The bulletins fix a total of 11 vulnerabilities in Windows, Microsoft Office, and Internet Explorer.

According to Microsoft, the company has already observed targeted malware attacks taking advantage of the MS12-027 vulnerability. In order to mitigate the risks posed by these currently circulating targeted attacks, the company is advising users to disable the ActiveX controls via the Trust Center Settings > ActiveX Settings, option.

More details:

The patched vulnerabilities are as follows:

  • MS12-023 – Cumulative Security Update for Internet Explorer (2675157)
  • MS12-024 – Vulnerability in Windows Could Allow Remote Code Execution (2653956)
  • MS12-025 – Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605)
  • MS12-027 – Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)
  • MS12-026 – Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)
  • MS12-028 – Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185)

The severity and exploitability of these flaws is as follows:

End and corporate users are advised to update  their PCs as soon as possible to prevent the likelihood of a successful remote exploitation thanks to these vulnerabilities.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Share Button
true